[2017-01-21] Covenants’ Mean You Can Burn Stolen Bitcoins

[Gembul]

News Bitcoin - Covenants’ Mean You Can Burn Stolen Bitcoins

Because bitcoin transactions are final, there is a major bug bounty on bitcoin wallets. This has led to high profile hacks of exchanges, wallet services and individual users.

“People compromise a system, find a bitcoin key, then steal the funds,” Dr. Sirer explains. “There’s no recourse. As soon as they get the funds, there is no filing a claim that you’re the rightful owner, as the rightful owner is ‘he who has the key.’”

The Cornell professor suggests modern computer systems remain “nowhere near” secure enough to hold high value digital assets, like bitcoin.

“We need to deal with the fact that bitcoin keys are going to be stolen and we want to be able to somehow stem this,” Dr. Sirer says.

READ MORE >>> https://news.bitcoin.com/covenant-wallet-burn-stolen-bitcoin/

[notthematrix]

Yeah stop using a closed source backdoored system! (windows)
stop using castodian wallets!
Use a external open source token (trezor) or a paper wallet (long time storage) depending on your needs!
People will learn , like they did in the 50 / 60 / 70s with cars!

[TraderTimm]

I assume this knob has heard of cold storage and hardware wallets?

Why is it that academics usually are the ones with their heads furthest up their own rectal cavity?

[ArticMine]

Yeah stop using a closed source backdoored system! (windows)
stop using castodian wallets!
Use a external open source token (trezor) or a paper wallet (long time storage) depending on your needs!
People will learn , like they did in the 50 / 60 / 70s with cars!

Getting rid of Windows is a must here. Covenants fail when the Windows malware steals both keys, so would a paper wallet created on a Windows system with malware for the same reason.

[Kprawn]

People use computers to do online banking and hackers still steal money from their accounts. Banks use computers and servers and even

private ledgers and hackers infiltrate that too.... so this is nothing new. Solution : Keep the majority of coins in cold storage and then use

reliable hardware wallets for the rest. I have not heard of one Treazor that has been compromised... but I know it is not impossible. He does

have a point, but many other technologies have the same problems. 

[panju1]

Why complicate matters when there are enough people who have demonstrated that bitcoins can be stored securely?
There are enough people with massive amounts of bitcoins in cold storage.

[richardsNY]

Cold (offline) storage solves this problem for a big part. Big part as at some point people will import their private keys again to a machine that at that time could be taken over by a hacker without you noticing. That's where the problem continues. I am not that much into hardware wallets at all, which makes me wonder how safe they are when it comes to hackers having taken over the PC of someone with a hardware wallet. How does this wallet protect you from hackers having the ability to change critical inputs?

[notthematrix]

Cold (offline) storage solves this problem for a big part. Big part as at some point people will import their private keys again to a machine that at that time could be taken over by a hacker without you noticing. That's where the problem continues. I am not that much into hardware wallets at all, which makes me wonder how safe they are when it comes to hackers having taken over the PC of someone with a hardware wallet. How does this wallet protect you from hackers having the ability to change critical inputs?

Trazor is safe windows is a issue .. And use a air gaped system to sign cold wallet transactins the signing key can then be posted online.....
Its very easy to do.

[richardsNY]

Cold (offline) storage solves this problem for a big part. Big part as at some point people will import their private keys again to a machine that at that time could be taken over by a hacker without you noticing. That's where the problem continues. I am not that much into hardware wallets at all, which makes me wonder how safe they are when it comes to hackers having taken over the PC of someone with a hardware wallet. How does this wallet protect you from hackers having the ability to change critical inputs?

Trazor is safe windows is a issue .. And use a air gaped system to sign cold wallet transactins the signing key can then be posted online.....
Its very easy to do.

I have just looked at various reviews of the Trezor, and it indeed seems to offer a decent level of security, but I personally don't like the fact that you depend on a connection between you and their (server) website in order to use your Trezor device. But I also read that it supports Multibit and Electrum. Does that mean if I use my Trezor device in combination with these clients, that I can have it work without it needing to connect to the Trezor servers?

[Coin-Keeper]

Cold (offline) storage solves this problem for a big part. Big part as at some point people will import their private keys again to a machine that at that time could be taken over by a hacker without you noticing. That's where the problem continues. I am not that much into hardware wallets at all, which makes me wonder how safe they are when it comes to hackers having taken over the PC of someone with a hardware wallet. How does this wallet protect you from hackers having the ability to change critical inputs?

Trazor is safe windows is a issue .. And use a air gaped system to sign cold wallet transactins the signing key can then be posted online.....
Its very easy to do.

I have just looked at various reviews of the Trezor, and it indeed seems to offer a decent level of security, but I personally don't like the fact that you depend on a connection between you and their (server) website in order to use your Trezor device. But I also read that it supports Multibit and Electrum. Does that mean if I use my Trezor device in combination with these clients, that I can have it work without it needing to connect to the Trezor servers?

I use my Trezors without ever connecting to the Trezor servers.  You can even initialize your Trezor OFFLINE pretty easily once you learn how its done.  In addition I use Electrum and only onion servers to maintain maximum privacy.  You will never regret getting a Trezor.

In fact after reading through this thread I just gave one of my Trezors a kiss.  joking - LOL!

[Slark]

To anyone suggesting - "get rid of a Windows, it is the cure for your security problems". And then what? I guess you want to switch to some Linux distribution.
So AFAIK there is malware, viruses and all kind of nasty stuff for Linux too, there are even strands of ransomware specially designed to target Lunux.
Of course it is far less possible that you will be infected while using Linux but you are still not 100% safe.

[notthematrix]

To anyone suggesting - "get rid of a Windows, it is the cure for your security problems". And then what? I guess you want to switch to some Linux distribution.
So AFAIK I know there is malware, viruses and all kind of nasty stuff for Linux too, there are even strands of ransomware specially designed to target Lunux.
Of course it is far less possible that you will be infected while using Linux but you are still not 100% safe.

Iam running Linux since 1993 and NEVER had any virus or malware.
The power of viruses in linux is very limited , kernel exploits are very seldom  and if found patched in hours , opensource software is what you need for security , windows is closed source so CAN NOT be save....
in case of bitcoin , you offcource need to run it on a system that DOES NOTING ELSE then running a wallet.
so if you send btc you use that computer , doing this makes it 99.999999999 save and thats good for most people....

[richardsNY]

Cold (offline) storage solves this problem for a big part. Big part as at some point people will import their private keys again to a machine that at that time could be taken over by a hacker without you noticing. That's where the problem continues. I am not that much into hardware wallets at all, which makes me wonder how safe they are when it comes to hackers having taken over the PC of someone with a hardware wallet. How does this wallet protect you from hackers having the ability to change critical inputs?

Trazor is safe windows is a issue .. And use a air gaped system to sign cold wallet transactins the signing key can then be posted online.....
Its very easy to do.

I have just looked at various reviews of the Trezor, and it indeed seems to offer a decent level of security, but I personally don't like the fact that you depend on a connection between you and their (server) website in order to use your Trezor device. But I also read that it supports Multibit and Electrum. Does that mean if I use my Trezor device in combination with these clients, that I can have it work without it needing to connect to the Trezor servers?

I use my Trezors without ever connecting to the Trezor servers.  You can even initialize your Trezor OFFLINE pretty easily once you learn how its done.  In addition I use Electrum and only onion servers to maintain maximum privacy.  You will never regret getting a Trezor.

In fact after reading through this thread I just gave one of my Trezors a kiss.  joking - LOL!

It's good to hear that it's just an optional service which requires connecting to their servers. I will purchase myself one as well. Unfortunately the white version takes months to ship. I'll probably go for the grey version even though it's $20 more expensive. It's the only color in stock. Right now I store my wallet.dat files in multiple USB drives where once I import them, I need to enter the passphrase. Exactly there lies the risk as a keylogger can easily pick up my password and cause severe damage. I must avoid that.